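# NixOS module for running Nixery as a systemd service.
#
# The outer function takes the `nixery` source tree; the inner function is the
# NixOS module itself. It declares `services.nixery.*` options and, when
# enabled, a systemd unit, a dedicated system user/group, and the Docker daemon.
{ nixery }:
{
  config,
  lib,
  pkgs,
  utils,
  ...
}:
let
  cfg = config.services.nixery;
  # Default package: built from the supplied nixery source against this system's pkgs.
  pkg = (import nixery { inherit pkgs; }).nixery;
in
{
  options.services.nixery = {
    enable = lib.mkEnableOption "Container registry which transparently builds images using the Nix package manager";
    package = lib.mkOption {
      type = lib.types.package;
      default = pkg;
      description = "The nixery package";
    };
    # Exported to the service as PORT. This module does not open the firewall
    # and exposes no bind-address option.
    # NOTE(review): a registry that builds images on request should normally
    # sit behind a firewall or an authenticating reverse proxy - confirm how
    # this port is exposed in each deployment.
    port = lib.mkOption {
      type = lib.types.port;
      default = 8080;
      description = "Port to serve nixery on";
    };
    # Exported as STORAGE_PATH and created by ExecStartPre. Only the default
    # matches StateDirectory ("nixery" -> /var/lib/nixery); any other value is
    # not managed by systemd and must already be writable by `user`.
    storagePath = lib.mkOption {
      type = lib.types.path;
      default = "/var/lib/nixery";
      description = "Storage path for nixery";
    };
    # Passed through verbatim as NIXERY_STORAGE_BACKEND; not validated here.
    storageBackend = lib.mkOption {
      type = lib.types.str;
      default = "filesystem";
      description = "Nixery storage backend";
    };
    # Exported as NIX_TIMEOUT. The type accepts zero and negative integers;
    # presumably seconds - verify against the nixery documentation.
    timeout = lib.mkOption {
      type = lib.types.int;
      default = 60;
      description = "Nix timeout";
    };
    # Exported as NIXERY_PKGS_PATH; defaults to the nixpkgs used to build this system.
    pkgPath = lib.mkOption {
      type = lib.types.path;
      default = pkgs.path;
      description = "Path to nixpkgs";
    };
    user = lib.mkOption {
      type = lib.types.str;
      default = "nixery";
      description = "User for nixery";
    };
    group = lib.mkOption {
      type = lib.types.str;
      default = "nixery";
      description = "Group for nixery";
    };
  };

  config = lib.mkIf cfg.enable {
    systemd.services.nixery = {
      description = "nixery container registry";
      after = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];
      serviceConfig = {
        # Build the command line with systemd-aware quoting so a storage path
        # containing whitespace, `%` or `$` is passed to mkdir as one literal
        # argument instead of being split or expanded by systemd.
        # This step runs as cfg.user (User= below applies to it), so it cannot
        # create a directory under a parent that user cannot write to.
        ExecStartPre = utils.escapeSystemdExecArgs [
          (lib.getExe' pkgs.coreutils "mkdir")
          "-p"
          cfg.storagePath
        ];
        ExecStart = "${lib.getExe' cfg.package "server"}";
        StateDirectory = "nixery";
        Restart = "always";
        # Run unprivileged as the dedicated account declared under `users` below.
        User = cfg.user;
        Group = cfg.group;
        # NOTE(review): no sandboxing directives are set (e.g. NoNewPrivileges,
        # ProtectSystem, ProtectHome, PrivateTmp). Consider adding them once it
        # is confirmed which paths and sockets the server needs for Nix builds.
      };
      environment = {
        PORT = builtins.toString cfg.port;
        NIXERY_PKGS_PATH = cfg.pkgPath;
        NIXERY_STORAGE_BACKEND = cfg.storageBackend;
        NIX_TIMEOUT = builtins.toString cfg.timeout;
        STORAGE_PATH = cfg.storagePath;
        # Presumably disables serving the bundled web UI files - TODO confirm.
        WEB_DIR = "/dev/null";
      };
    };

    # Dedicated system account; both names are taken from the options above.
    users = {
      users.${cfg.user} = {
        isSystemUser = true;
        group = cfg.group;
      };
      groups.${cfg.group} = { };
    };

    # NOTE(review): enabling this module also turns on the Docker daemon
    # host-wide. Nothing in this file shows the service using it and cfg.user
    # is not added to the docker group; confirm it is required, since access
    # to the Docker socket is equivalent to root on the host.
    virtualisation.docker.enable = true;
  };
}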